Description:
Secunia Research has discovered a vulnerability in Trend Micro HouseCall, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error in the HouseCall ActiveX control (Housecall_ActiveX.dll). This can be exploited to dereference previously freed memory by tricking the user into opening a web page containing a specially crafted "notifyOnLoadNative()" callback function.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in versions 6.51.0.1028 and 6.6.0.1278. Other versions may also be affected.

Trend Flex Security オンラインスキャンでは Housecall_ActiveX.dll はインストールされないみたい。
# TmHcmsX Control インストール後検索してもみつからず。


TrendSecure HouseCall Free Scanで "Browser plug-in" Installing and using the HouseCall kernel を利用した場合は要確認か。
# Housecall_ActiveX.dll を検索すると Trend Micro ActiveX Scan Agent 6.6 がリストアップされる。